WILMINGTON, NC (WWAY) — Michaels says its stores in Wilmington and Jacksonville are among the chain’s locations targeted by hackers last year and into January of this year.

The company recently announced a malware attack affected as many as 2.6 million cards. Michaels says it hired two security firms to investigate, and that neither had seen the type of highly-sophisticated software used.

The investigation also found the affected systems contained certain payment card information, such as payment cardnumber and expiration date, but there is no evidence that other customer personal information, such as name, address or PIN, was at risk, the company says.

The arts and crafts stores at Wilmington’s Mayfaire shopping center and on Western Blvd. in Jacksonville are among 34 locations in North Carolina impacted. The potential dates of exposure for the Wilmington store were May 8-Oct. 6, 2013, Oct. 17-Nov. 24, 2013 and Dec. 12, 2013-Jan. 19, 2014. For the Jacksonville location, they were May 8-Oct. 8, 2013 and Dec. 12, 2013-Jan. 19, 2014.

Michaels says the 2.6 million cards represent about 7 percent of payment cards used at Michaels stores during the relevant time period. The breach also affected 54 locations of Michaels subsidiary Aaron Brothers.

While the company says it has received limited reports of fraud, it is offering identity protection, credit monitoring and fraud assistance to affected customers in the US for 12 months at no cost to the customer. You can find more information on the Michaels website